What you need to know about Point to Point Encryption
Articles, Blog, Cyber Risk

What you need to know about Point to Point Encryption (P2PE)

by Michael Hopewell, Managing Information Security Consultant.   Introduction Many businesses have heard about Point to Point Encryption (P2PE). Point of Sale vendors, service providers and others often mention its benefits to businesses: P2PE can reduce risk to payment card data by rendering it unreadable, minimise the number of systems and networks in scope for […]

0 Shares
Maintaining-Your-Compliance-with-the-PCI-DSS-All-Year-Round
Articles, Blog

Maintaining Your Compliance with the PCI DSS – All Year Round

Compliance with the PCI DSS (Payment Card Industry Data Security Standard) is mandatory for all businesses accepting cards for payment. The Standard ensures appropriate security protocols are applied to your payment acceptance environment to protect against fraud.   In its simplest form, the process of achieving compliance involves a scoping (or profiling) stage, which determines […]

0 Shares
PCI DSS and the Internet of Things IoT | Blog Article
Articles, Blog

PCI DSS and the Internet of Things (IoT)

Lots of Internet-connected devices are available on the market and a popular theme now is devices to create a ‘smart home’, which includes smart door locks, surveillance/security cameras and heating control systems that can be monitored and controlled when you are away from the home.   This ability to remotely connect to and integrate devices […]

0 Shares
New PCI SSC Program for Software-based PIN entry on COTS Solutions
Articles, Blog, Uncategorized

New PCI SSC Program for Software-based PIN entry on COTS Solutions

Over the last few months, the PCI SSC has published a set of documents to establish a new program for the specification, testing, evaluation and PCI SSC listing of Software-based PIN entry on Commercial Off The Shelf devices (COTS) Solutions.  Solutions also known as SPoC.   The PCI DSS developed this new PCI Security Standard […]

0 Shares
Outsourcing-customer-engagement-services-–-Key-criteria-that-a-payment-industry-organisation-should-look-out-for
Infographics, Uncategorized

Proactive Data Security – How to remove the PCI compliance burden from small businesses and make them secure

When it comes to compiling with PCI DSS, many small to medium merchants struggle to find the time or resources. As a result often they end up paying non-compliance fees which in turn leaves them vulnerable to security breaches. An alternative to this approach is to replace the non-compliance fee with compliance and security value-added […]

0 Shares
Ask A QSA – Mobile attack rates, how can your business customers better secure their mcommerce channel?
Articles, Blog

Ask A QSA – Mobile attack rates, how can your business customers better secure their mcommerce channel?

By Judith Clark, QSA Consultant Ask a QSA recently received the following query from an acquirer and we felt that this may be of interest to our readers. Merchants had been asking their acquirer “how can we better secure our mcommerce channel?”   It’s a good question. Recent research has shown that mobile attack rates […]

0 Shares
Articles, Uncategorized, Videos

Proactive Data Security – take the PCI compliance burden away from small business and make them secure

Many smaller business owners simply don’t have the time or resources to comply with PCI. As a result, they often end up paying ongoing, non-compliance fees leaving them vulnerable to security breaches.   So what’s the solution? It’s simple, take the burden away from smaller merchants by providing them with a managed compliance and security […]

0 Shares
The evolution of the cybercriminal means small businesses need to adapt
Blog, Uncategorized

The evolution of the cybercriminal means small businesses need to adapt

We regularly hear news stories about large corporations being hit with fines and suffering significant costs due to data breaches.  Many small businesses believe themselves to be immune to this threat as they believe themselves to be “too small to be a target” or that they “don’t hold valuable data.” Sadly, this is no longer […]

0 Shares
Addressing the growing risk from insecure third party remote access
Blog

Addressing the growing risk from insecure third party remote access

By Judith Clark, QSA Consultant In recent years, numerous security reports have identified an increasing trend for intrusions affecting Point of Sale (POS) environments to have involved insecure remote access from service providers and their networks.  As the ENISA points out, criminals are turning to network-based attacks against retailers’ POS infrastructure because attacks requiring physical […]

0 Shares
Compliance with multiple standards: the short and long term benefits of using our Combined Assessment Model
Uncategorized

Compliance with multiple standards: the short and long term benefits of using our Combined Assessment Model

Compliance with multiple information security related standards and regulations can be challenging for organisations. However, by aligning all standards using our Combined Assessment Model, requirements, cost and complexity can be significantly reduced. In this infographic, we explore the short and long term benefits.    

0 Shares
The TLS deadline is fast approaching. What it is & how we can help your customers be prepared
Blog, Uncategorized

The TLS deadline is fast approaching. We examine what it is and how we can help your customers be prepared

With the Payment Card Industry Security Standards Council (PCI SSC) 30th June 2018 deadline fast approaching, it’s important that your customers are prepared to migrate to a secure version of TLS .   Back in October of last year, Sysnet’s Natasja Bolton, Senior Acquirer Support QSA, highlighted the key factors as to what the TLS […]

0 Shares
Sysnet clients up for a hat trick of security awards at 2018 Card & Payments Awards
News, Uncategorized

Sysnet clients up for a hat trick of security awards at 2018 Card & Payments Awards

PCI DSS compliance clients shortlisted at UK and Ireland’s leading industry awards Dublin, Ireland. 29th January 2018. Sysnet Global Solutions, a leading provider of cyber security and compliance solutions to the payments industry, is delighted to announce that three of its clients – Elavon Merchant Services, Worldpay, and Lloyds Bank Cardnet – are all shortlisted […]

0 Shares
An-alternative-approach-to-non-compliance-fees
Blog, Infographics

An alternative approach to non-compliance fees

Despite various approaches that some acquirers take to try and engage with businesses when it comes to compliance programs, some merchants simply do not engage. The traditional approach of driving compliance via non-compliance fees unfortunately doesn’t always produce results and can also lead to a negative association with the brand of the acquirer in the eyes […]

0 Shares
The PCI DSS v3.2 requirements that become effective from February 2018
Blog, Uncategorized

The PCI DSS v3.2 requirements that become effective from February 2018

By Francis Kyereh, Information Security Consultant Maintaining payment security is required for all entities that store, process or transmit cardholder data. Guidance for maintaining payment security is provided in PCI security standards. These set the technical and operational requirements for organisations accepting or processing payment transactions. The PCI DSS Version 3.2, containing nine new requirements […]

0 Shares
Understanding the scope for PCI DSS
Blog, Uncategorized, Whitepapers

Understanding the scope for PCI DSS

When undertaking any kind of PCI DSS assessment, whether it is a formal assessment or self-assessment questionnaire (SAQ), the most important thing is ensuring that the scope is correct. Without an understanding of the scope, systems may be overlooked and/or insufficient security controls applied. This may lead to a risk of data breach.   Conversely, […]

0 Shares
Demystifying PCI DSS requirements: Penetration/segmentation testing
Blog

Demystifying PCI DSS requirements: Penetration/segmentation testing

By Mat Clarke, Information Security Analyst Introduction Testing the security of any network infrastructure and applications which are involved in the storing, processing or transmitting of cardholder data is often a key part of maintaining compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements.   Along with internal and external vulnerability scanning (only […]

0 Shares
PCI Council deadline - Are Your Customers Ready for 30 June 2018? 
Blog, Uncategorized

PCI Council deadline – Are Your Customers Ready for 30 June 2018? 

By Natasja Bolton, Senior Acquirer Support QSA Back in January 2016, we highlighted the PCI Council’s extension of the migration completion date for transitioning from SSL and TLS 1.0 to a secure version of TLS (currently v1.1 or higher).  Now, with just 8 months to go until the migration date deadline, we’re here to ask: […]

0 Shares
What you need to know about Point-to-Point Encryption 
Blog, Fact Sheets, Uncategorized

What you need to know about Point-to-Point Encryption (P2PE)

Many businesses are often unaware that ensuring their payment terminals are part of a Point-to-Point Encryption (P2PE) Solution can carry considerable benefits when it comes to simplifying their PCI DSS compliance. As we discovered here at Sysnet, the reason why many businesses are not aware of P2PE and its benefits is that they often find […]

0 Shares
Blog, Uncategorized

Growth in payment card transactions makes PCI DSS compliance more important than ever

by Natasja Bolton, Senior Acquirer Support QSA The UK Cards Association’s 2017 report on UK Card Payments, released on 19th June 2017, reported a doubling of debit and credit card purchases in the last 10 years.  The volume of card transactions reached 16.4 billion in 2016, an increase of 146% from 2006, even though the […]

0 Shares
Legacy systems and data – putting businesses compliance at risk?
Blog, Cyber Risk, Uncategorized

Legacy systems and data – putting businesses compliance at risk?

by Natasja Bolton, Senior Acquirer Support QSA   At the release of the PCI Scoping Guidance back in December 2016, the PCI Council highlighted the fact that “data breach investigation reports continue to find that companies suffering compromises were unaware that cardholder data was present on their compromised systems”.   Why is that?  Well, often […]

0 Shares
Elavon partners with Sysnet to provide their EU customers with Secured Pro
News, Uncategorized

Elavon partners with Sysnet to provide their EU customers with Secured Pro

May 17th 2017. Today, Sysnet Global Solutions a leading provider of cyber security and compliance solutions to the payments industry, announced that it has partnered with Elavon Merchant Services to develop Secured Pro; a managed PCI compliance validation and cyber security service that offers enhanced protection against fraud and payment security breaches.   “A new […]

0 Shares
ASV external vulnerability scans explained
Blog, Uncategorized

ASV external vulnerability scans explained

Requirement 11.2.2 of the Payment Card Industry Data Security Standard, otherwise known as the ASV scanning requirement, affects a significant number of businesses. These businesses need to engage an Approved Scanning Vendor (ASV to run external vulnerability scans quarterly.   It can be difficult for these companies to understand what ASV external vulnerability scanning is, […]

0 Shares
Cyber crime - Protecting your business
Blog, FDUS - Associates, FDUS - Managers, Videos

Cyber crime – Protecting your business

Online commerce has created incredible new opportunities for businesses to market and sell services globally. Many businesses, in particular small to medium ones, often do not consider that they could be targeted by cyber crime. The reality, unfortunately is that small to medium businesses are now very much being targeted by cyber criminals as many are […]

0 Shares
US Customer Contact Centre launch a great success
News, Uncategorized

US Customer Contact Centre launch a great success

On March 9th 2017, we officially launched our new US Customer Contact Centre in Atlanta, Georgia. Both Commissioner Pat Wilson of the Georgia Department of Economic Development and Gabriel Moynagh, CEO at Sysnet cut the ribbon to officially launch the opening of the new centre. The launch proved to be a great success and was attended […]

0 Shares
Sysnet officially opens Atlanta based Customer Contact Center
News

Sysnet officially opens Atlanta based Customer Contact Centre

March 9th, 2017, Dublin, Ireland / Atlanta, Georgia. Today, Commissioner Pat Wilson of the Georgia Department of Economic Development officially opened Sysnet’s new customer contact centre located at 1001 Perimeter Summit Boulevard. Sysnet Global Solutions is a leading provider of cyber security and compliance solutions to the payments industry.   The new centre will provide services […]

0 Shares
Our expertise will make your outreach campaign a success
Blog, Uncategorized

Outreach campaign success

Conducting an outreach campaign can be tricky to get right as well as resource heavy. Responding to market conditions while also proactively engaging your customers through their preferred channels can be difficult to achieve successfully. It can make sense to outsource, however often providers are not specialised or experienced enough in conducting an outreach security and compliance […]

0 Shares
New PCI SSC Scoping & Segmentation Guidance: what does it mean?
Blog, Fact Sheets, Uncategorized, Whitepapers

New PCI SSC Scoping & Segmentation Guidance: what does it mean?

By Natasja Bolton, Senior Acquirer Support QSA   Since the earliest iterations of the PCI DSS, the standard has included the requirement for scoping and has referenced network segmentation as a method of reducing the scope, cost and difficulty of a PCI DSS assessment. For just as long organisations, QSAs and ISAs have been seeking further guidance […]

0 Shares
Sysnet provides qualified assessment of Ecentric Payment Systems’ Decryption Environment component against P2PE V2
News

Sysnet provides qualified assessment of Ecentric Payment Systems’ Decryption Environment component against P2PE V2

Another Global First December 13th, 2016, Dublin – Ireland, Cape Town – South Africa   Sysnet Global Solutions today announced that it is the first organisation, globally, to provide qualified assessment for a P2PE version 2 Decryption Management Service. Ecentric Payment Systems, one of South Africa’s preferred payment processors, has been listed as a decryption […]

0 Shares